E-resources
Peer reviewed
Open access
-
Wazan, Ahmad Samer; Billoir, Eddie; Chadwick, David W.; Laborde, Romain; Kaiiali, Mustafa; Venant, Remi; Ahmad, Liza; Benzekri, Abdelmalek
Computers & security, 2023Journal Article
Today, Linux users use sudo/su commands to attribute Linux’s administrative privileges to their programs. These commands always give the whole list of administrative privileges to Linux programs unless there are pre-installed default policies defined by Linux Security Modules (LSM). LSM requires users to inject the needed privileges into the memory of the process and to declare the needed privileges in an LSM policy. This approach can work for users with good knowledge of the syntax of LSM policies. However, adding or editing an existing policy is very time-consuming because LSM requires adding a complete list of traditional permissions and administrative privileges. Therefore, we propose a new Linux module called RootAsRole dedicated to managing administrative privileges. RootAsRole is not proposed to replace LSM but to be used as a complementary module to manage Linux administrative privileges. RootAsRole allows Linux administrators to define a set of roles that contain the administrative privileges and restrict their usage to a set of users/groups and programs. Finally, we conduct an empirical performance study to compare RootAsRole tools with sudo/su commands to show that the overhead added by our module remains acceptable.
![loading ... loading ...](themes/default/img/ajax-loading.gif)
Shelf entry
Permalink
- URL:
Impact factor
Access to the JCR database is permitted only to users from Slovenia. Your current IP address is not on the list of IP addresses with access permission, and authentication with the relevant AAI accout is required.
Year | Impact factor | Edition | Category | Classification | ||||
---|---|---|---|---|---|---|---|---|
JCR | SNIP | JCR | SNIP | JCR | SNIP | JCR | SNIP |
Select the library membership card:
If the library membership card is not in the list,
add a new one.
DRS, in which the journal is indexed
Database name | Field | Year |
---|
Links to authors' personal bibliographies | Links to information on researchers in the SICRIS system |
---|
Source: Personal bibliographies
and: SICRIS
The material is available in full text. If you wish to order the material anyway, click the Continue button.